diff --git a/sub/subJsonService.go b/sub/subJsonService.go
index 8222491a..72c5c6f1 100644
--- a/sub/subJsonService.go
+++ b/sub/subJsonService.go
@@ -253,9 +253,6 @@ func (s *SubJsonService) tlsData(tData map[string]any) map[string]any {
tlsData["serverName"] = tData["serverName"]
tlsData["alpn"] = tData["alpn"]
- if allowInsecure, ok := tlsClientSettings["allowInsecure"].(bool); ok {
- tlsData["allowInsecure"] = allowInsecure
- }
if fingerprint, ok := tlsClientSettings["fingerprint"].(string); ok {
tlsData["fingerprint"] = fingerprint
}
diff --git a/sub/subService.go b/sub/subService.go
index e046ebb4..818f193b 100644
--- a/sub/subService.go
+++ b/sub/subService.go
@@ -270,9 +270,6 @@ func (s *SubService) genVmessLink(inbound *model.Inbound, email string) string {
if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok {
obj["fp"], _ = fpValue.(string)
}
- if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok {
- obj["allowInsecure"], _ = insecure.(bool)
- }
}
}
@@ -296,7 +293,7 @@ func (s *SubService) genVmessLink(inbound *model.Inbound, email string) string {
newSecurity, _ := ep["forceTls"].(string)
newObj := map[string]any{}
for key, value := range obj {
- if !(newSecurity == "none" && (key == "alpn" || key == "sni" || key == "fp" || key == "allowInsecure")) {
+ if !(newSecurity == "none" && (key == "alpn" || key == "sni" || key == "fp")) {
newObj[key] = value
}
}
@@ -431,11 +428,6 @@ func (s *SubService) genVlessLink(inbound *model.Inbound, email string) string {
if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok {
params["fp"], _ = fpValue.(string)
}
- if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok {
- if insecure.(bool) {
- params["allowInsecure"] = "1"
- }
- }
}
if streamNetwork == "tcp" && len(clients[clientIndex].Flow) > 0 {
@@ -501,7 +493,7 @@ func (s *SubService) genVlessLink(inbound *model.Inbound, email string) string {
q := url.Query()
for k, v := range params {
- if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp" || k == "allowInsecure")) {
+ if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp")) {
q.Add(k, v)
}
}
@@ -632,11 +624,6 @@ func (s *SubService) genTrojanLink(inbound *model.Inbound, email string) string
if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok {
params["fp"], _ = fpValue.(string)
}
- if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok {
- if insecure.(bool) {
- params["allowInsecure"] = "1"
- }
- }
}
}
@@ -698,7 +685,7 @@ func (s *SubService) genTrojanLink(inbound *model.Inbound, email string) string
q := url.Query()
for k, v := range params {
- if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp" || k == "allowInsecure")) {
+ if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp")) {
q.Add(k, v)
}
}
@@ -837,11 +824,6 @@ func (s *SubService) genShadowsocksLink(inbound *model.Inbound, email string) st
if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok {
params["fp"], _ = fpValue.(string)
}
- if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok {
- if insecure.(bool) {
- params["allowInsecure"] = "1"
- }
- }
}
}
@@ -870,7 +852,7 @@ func (s *SubService) genShadowsocksLink(inbound *model.Inbound, email string) st
q := url.Query()
for k, v := range params {
- if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp" || k == "allowInsecure")) {
+ if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp")) {
q.Add(k, v)
}
}
diff --git a/web/assets/js/model/inbound.js b/web/assets/js/model/inbound.js
index 9bc93c30..b6059cf7 100644
--- a/web/assets/js/model/inbound.js
+++ b/web/assets/js/model/inbound.js
@@ -635,7 +635,7 @@ class TlsStreamSettings extends XrayCommonClass {
}
if (!ObjectUtil.isEmpty(json.settings)) {
- settings = new TlsStreamSettings.Settings(json.settings.allowInsecure, json.settings.fingerprint, json.settings.echConfigList);
+ settings = new TlsStreamSettings.Settings(json.settings.fingerprint, json.settings.echConfigList);
}
return new TlsStreamSettings(
json.serverName,
@@ -738,25 +738,21 @@ TlsStreamSettings.Cert = class extends XrayCommonClass {
TlsStreamSettings.Settings = class extends XrayCommonClass {
constructor(
- allowInsecure = false,
fingerprint = UTLS_FINGERPRINT.UTLS_CHROME,
echConfigList = '',
) {
super();
- this.allowInsecure = allowInsecure;
this.fingerprint = fingerprint;
this.echConfigList = echConfigList;
}
static fromJson(json = {}) {
return new TlsStreamSettings.Settings(
- json.allowInsecure,
json.fingerprint,
json.echConfigList,
);
}
toJson() {
return {
- allowInsecure: this.allowInsecure,
fingerprint: this.fingerprint,
echConfigList: this.echConfigList
};
@@ -1417,9 +1413,6 @@ class Inbound extends XrayCommonClass {
if (this.stream.tls.alpn.length > 0) {
obj.alpn = this.stream.tls.alpn.join(',');
}
- if (this.stream.tls.settings.allowInsecure) {
- obj.allowInsecure = this.stream.tls.settings.allowInsecure;
- }
}
return 'vmess://' + Base64.encode(JSON.stringify(obj, null, 2));
@@ -1480,9 +1473,6 @@ class Inbound extends XrayCommonClass {
if (this.stream.isTls) {
params.set("fp", this.stream.tls.settings.fingerprint);
params.set("alpn", this.stream.tls.alpn);
- if (this.stream.tls.settings.allowInsecure) {
- params.set("allowInsecure", "1");
- }
if (!ObjectUtil.isEmpty(this.stream.tls.sni)) {
params.set("sni", this.stream.tls.sni);
}
@@ -1583,9 +1573,6 @@ class Inbound extends XrayCommonClass {
if (this.stream.isTls) {
params.set("fp", this.stream.tls.settings.fingerprint);
params.set("alpn", this.stream.tls.alpn);
- if (this.stream.tls.settings.allowInsecure) {
- params.set("allowInsecure", "1");
- }
if (this.stream.tls.settings.echConfigList?.length > 0) {
params.set("ech", this.stream.tls.settings.echConfigList);
}
@@ -1662,9 +1649,6 @@ class Inbound extends XrayCommonClass {
if (this.stream.isTls) {
params.set("fp", this.stream.tls.settings.fingerprint);
params.set("alpn", this.stream.tls.alpn);
- if (this.stream.tls.settings.allowInsecure) {
- params.set("allowInsecure", "1");
- }
if (this.stream.tls.settings.echConfigList?.length > 0) {
params.set("ech", this.stream.tls.settings.echConfigList);
}
diff --git a/web/assets/js/model/outbound.js b/web/assets/js/model/outbound.js
index fc110b4e..56606231 100644
--- a/web/assets/js/model/outbound.js
+++ b/web/assets/js/model/outbound.js
@@ -345,16 +345,14 @@ class TlsStreamSettings extends CommonClass {
serverName = '',
alpn = [],
fingerprint = '',
- allowInsecure = false,
echConfigList = '',
- verifyPeerCertByName = 'cloudflare-dns.com',
+ verifyPeerCertByName = '',
pinnedPeerCertSha256 = '',
) {
super();
this.serverName = serverName;
this.alpn = alpn;
this.fingerprint = fingerprint;
- this.allowInsecure = allowInsecure;
this.echConfigList = echConfigList;
this.verifyPeerCertByName = verifyPeerCertByName;
this.pinnedPeerCertSha256 = pinnedPeerCertSha256;
@@ -365,7 +363,6 @@ class TlsStreamSettings extends CommonClass {
json.serverName,
json.alpn,
json.fingerprint,
- json.allowInsecure,
json.echConfigList,
json.verifyPeerCertByName,
json.pinnedPeerCertSha256,
@@ -377,7 +374,6 @@ class TlsStreamSettings extends CommonClass {
serverName: this.serverName,
alpn: this.alpn,
fingerprint: this.fingerprint,
- allowInsecure: this.allowInsecure,
echConfigList: this.echConfigList,
verifyPeerCertByName: this.verifyPeerCertByName,
pinnedPeerCertSha256: this.pinnedPeerCertSha256
@@ -936,8 +932,7 @@ class Outbound extends CommonClass {
stream.tls = new TlsStreamSettings(
json.sni,
json.alpn ? json.alpn.split(',') : [],
- json.fp,
- json.allowInsecure);
+ json.fp);
}
const port = json.port * 1;
@@ -978,10 +973,9 @@ class Outbound extends CommonClass {
if (security == 'tls') {
let fp = url.searchParams.get('fp') ?? 'none';
let alpn = url.searchParams.get('alpn');
- let allowInsecure = url.searchParams.get('allowInsecure');
let sni = url.searchParams.get('sni') ?? '';
let ech = url.searchParams.get('ech') ?? '';
- stream.tls = new TlsStreamSettings(sni, alpn ? alpn.split(',') : [], fp, allowInsecure == 1, ech);
+ stream.tls = new TlsStreamSettings(sni, alpn ? alpn.split(',') : [], fp, ech);
}
if (security == 'reality') {
diff --git a/web/html/form/outbound.html b/web/html/form/outbound.html
index 4df095d4..a2de920a 100644
--- a/web/html/form/outbound.html
+++ b/web/html/form/outbound.html
@@ -700,14 +700,12 @@
-
-
-
+ v-model.trim="outbound.stream.tls.verifyPeerCertByName"
+ placeholder="cloudflare-dns.com">
-
+
@@ -772,7 +770,8 @@
-
+
@@ -799,7 +798,8 @@
-
diff --git a/web/html/form/tls_settings.html b/web/html/form/tls_settings.html
index b2368d4f..2fe82388 100644
--- a/web/html/form/tls_settings.html
+++ b/web/html/form/tls_settings.html
@@ -58,9 +58,6 @@
]]
-
-
-